Method and apparatus for regulating data flow between a communications device and a network
US7890612B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 7, 2007 |
| Grant date | Feb 15, 2011 |
| Priority date | — |
| Expiry date | Dec 15, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1491
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A network security device which acts as an “airlock” for traffic between a communications device and a network. Data is screened using rules based analysis by the security device to counter various threats, including viruses, phishing, attempts to “hijack” communications, communications with known malicious addresses or unknown addresses, and transmission of sensitive information. Data packets can be reassembled into files for screening, and decoded or expanded as necessary, but is never executed. The data path for the data being screened is kept separate from the operations of the network security device itself, so that the device is incorruptible—its programming cannot be compromised from outside sources. Updates for rules and entry of sensitive data for screening, etc., must be done through a physical interface, not via the normal data communications channel. The device is invisible—it cannot be “seen” by the network, and thus cannot be attacked.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.